• Welcome to OnlyTech Forums
    An online community for the tech enthusiasts!
    Log in or Register

Microsoft Windows: Kernel Data Protection

Bapun Raz

Staff member
Administrator
Joined
3 Nov 2010
Messages
22,809
Solutions
4
Reaction score
30,493
Introducing Kernel Data Protection, a new platform security technology for preventing data corruption - Microsoft Security

Kernel Data Protection (KDP) is a new technology that prevents data corruption attacks by protecting parts of the Windows kernel and drivers through virtualization-based security (VBS). KDP is a set of APIs that provide the ability to mark some kernel memory as read-only, preventing attackers from ever modifying protected memory. For example, we’ve seen attackers use signed but vulnerable drivers to attack policy data structures and install a malicious, unsigned driver. KDP mitigates such attacks by ensuring that policy data structures cannot be tampered with.
 
Top Bottom